From 7d507fb7e13d75e1091e9962f20fc2edaacc4e8b Mon Sep 17 00:00:00 2001
From: Richie Cahill <Richie@tmmworkshop.com>
Date: Fri, 29 May 2026 18:39:27 -0400
Subject: [PATCH 1/3] adding nornsight.nix

---
 overlays/default.nix                       |  1 +
 systems/jeeves/services/audiobookshelf.nix |  5 +-
 systems/jeeves/services/nornsight.nix      | 83 ++++++++++++++++++++++
 systems/jeeves/web_services/haproxy.cfg    |  2 +-
 4 files changed, 89 insertions(+), 2 deletions(-)
 create mode 100644 systems/jeeves/services/nornsight.nix

diff --git a/overlays/default.nix b/overlays/default.nix
index ee5a252..42b7882 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -44,6 +44,7 @@
         tiktoken
         tinytuya
         typer
+        uvicorn
         websockets
       ]
     );
diff --git a/systems/jeeves/services/audiobookshelf.nix b/systems/jeeves/services/audiobookshelf.nix
index e75e41c..47854c7 100644
--- a/systems/jeeves/services/audiobookshelf.nix
+++ b/systems/jeeves/services/audiobookshelf.nix
@@ -3,7 +3,10 @@ let
   vars = import ../vars.nix;
 in
 {
-  services.audiobookshelf.enable = true;
+  services.audiobookshelf = {
+    enable = true;
+    port = 8000;
+  };
   systemd.services.audiobookshelf.serviceConfig.WorkingDirectory =
     lib.mkForce "${vars.docker_configs}/audiobookshelf";
   users.users.audiobookshelf.home = lib.mkForce "${vars.docker_configs}/audiobookshelf";
diff --git a/systems/jeeves/services/nornsight.nix b/systems/jeeves/services/nornsight.nix
new file mode 100644
index 0000000..9800016
--- /dev/null
+++ b/systems/jeeves/services/nornsight.nix
@@ -0,0 +1,83 @@
+{ pkgs, ... }:
+let
+  vars = import ../vars.nix;
+  stateDir = "${vars.services}/nornsight";
+  appDir = "${stateDir}/app";
+  libraryPath = pkgs.lib.makeLibraryPath [
+    pkgs.libpq
+    pkgs.postgresql.lib
+  ];
+in
+{
+  systemd.tmpfiles.rules = [
+    "d ${stateDir} 0750 nornsight nornsight - -"
+  ];
+
+  users.users.nornsight = {
+    isSystemUser = true;
+    group = "nornsight";
+    home = stateDir;
+  };
+
+  systemd.services.nornsight = {
+    description = "Norn Sight";
+    after = [ "network-online.target" ];
+    wants = [ "network-online.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    environment = {
+      HOME = stateDir;
+      LD_LIBRARY_PATH = libraryPath;
+      PYTHONPATH = appDir;
+    };
+
+    path = with pkgs; [
+      bash
+      coreutils
+      git
+    ];
+
+    serviceConfig = {
+      Type = "simple";
+      User = "nornsight";
+      Group = "nornsight";
+      EnvironmentFile = "-${vars.secrets}/services/nornsight";
+      WorkingDirectory = stateDir;
+      Restart = "on-failure";
+      RestartSec = "5s";
+      StandardOutput = "journal";
+      StandardError = "journal";
+      NoNewPrivileges = true;
+      PrivateTmp = true;
+      ProtectHome = true;
+      ProtectSystem = "strict";
+      ReadWritePaths = [ stateDir ];
+    };
+
+    script = ''
+      set -eu
+
+      : "''${NORN_SIGHT_REPO_URL:?NORN_SIGHT_REPO_URL is required}"
+      branch="''${NORN_SIGHT_BRANCH:-main}"
+
+      if [ -d "${appDir}/.git" ]; then
+        current_origin="$(git -C "${appDir}" remote get-url origin)"
+        if [ "$current_origin" != "$NORN_SIGHT_REPO_URL" ]; then
+          rm -rf "${appDir}"
+        fi
+      fi
+
+      if [ ! -d "${appDir}/.git" ]; then
+        git clone --branch "$branch" "$NORN_SIGHT_REPO_URL" "${appDir}"
+      else
+        cd "${appDir}"
+        git fetch origin "$branch"
+        git checkout "$branch"
+        git pull --ff-only origin "$branch"
+      fi
+
+      cd "${appDir}"
+      exec ${pkgs.my_python}/bin/python -m uvicorn pipelines.web.main:app --reload --host 0.0.0.0 --port 8001
+    '';
+  };
+}
diff --git a/systems/jeeves/web_services/haproxy.cfg b/systems/jeeves/web_services/haproxy.cfg
index d2eaaf9..55eba7c 100644
--- a/systems/jeeves/web_services/haproxy.cfg
+++ b/systems/jeeves/web_services/haproxy.cfg
@@ -81,4 +81,4 @@ backend gitea
 
 backend norn_sight
   mode http
-  server server 192.168.90.49:8000
+  server server 127.0.0.1:8001
-- 
2.54.0


From 006ae6079a2897f94bacf5037fdba867df95b5dd Mon Sep 17 00:00:00 2001
From: Richie Cahill <Richie@tmmworkshop.com>
Date: Fri, 29 May 2026 20:15:51 -0400
Subject: [PATCH 2/3] moved nornsight off my_python

---
 overlays/default.nix                  |  1 -
 systems/jeeves/services/nornsight.nix | 28 +++++++++++++++++++++++++--
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/overlays/default.nix b/overlays/default.nix
index 42b7882..ee5a252 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -44,7 +44,6 @@
         tiktoken
         tinytuya
         typer
-        uvicorn
         websockets
       ]
     );
diff --git a/systems/jeeves/services/nornsight.nix b/systems/jeeves/services/nornsight.nix
index 9800016..d363c98 100644
--- a/systems/jeeves/services/nornsight.nix
+++ b/systems/jeeves/services/nornsight.nix
@@ -3,6 +3,12 @@ let
   vars = import ../vars.nix;
   stateDir = "${vars.services}/nornsight";
   appDir = "${stateDir}/app";
+  binPath = pkgs.lib.makeBinPath [
+    pkgs.binutils
+    pkgs.libpq
+    pkgs.postgresql
+    pkgs.stdenv.cc
+  ];
   libraryPath = pkgs.lib.makeLibraryPath [
     pkgs.libpq
     pkgs.postgresql.lib
@@ -27,14 +33,20 @@ in
 
     environment = {
       HOME = stateDir;
+      UV_CACHE_DIR = "${stateDir}/.cache/uv";
+      UV_PROJECT_ENVIRONMENT = "${appDir}/.venv";
+      UV_PYTHON = "${pkgs.python313}/bin/python3.13";
+      UV_PYTHON_DOWNLOADS = "never";
       LD_LIBRARY_PATH = libraryPath;
-      PYTHONPATH = appDir;
+      LIBRARY_PATH = libraryPath;
+      PSYCOPG_IMPL = "python";
     };
 
     path = with pkgs; [
       bash
       coreutils
       git
+      uv
     ];
 
     serviceConfig = {
@@ -56,6 +68,9 @@ in
 
     script = ''
       set -eu
+      export PATH="${binPath}:$PATH"
+      export LD_LIBRARY_PATH="${libraryPath}:''${LD_LIBRARY_PATH:-}"
+      export LIBRARY_PATH="${libraryPath}:''${LIBRARY_PATH:-}"
 
       : "''${NORN_SIGHT_REPO_URL:?NORN_SIGHT_REPO_URL is required}"
       branch="''${NORN_SIGHT_BRANCH:-main}"
@@ -77,7 +92,16 @@ in
       fi
 
       cd "${appDir}"
-      exec ${pkgs.my_python}/bin/python -m uvicorn pipelines.web.main:app --reload --host 0.0.0.0 --port 8001
+      uv sync --upgrade
+      uv run python - <<'PY'
+      import ctypes.util
+      import os
+
+      print(f"LD_LIBRARY_PATH={os.environ.get('LD_LIBRARY_PATH')}")
+      print(f"LIBRARY_PATH={os.environ.get('LIBRARY_PATH')}")
+      print(f"libpq={ctypes.util.find_library('pq')}")
+      PY
+      exec uv run uvicorn pipelines.web.main:app --reload --host 0.0.0.0 --port 8001
     '';
   };
 }
-- 
2.54.0


From 38fb14520e3d65d14d671c7b3b51b09a395494a6 Mon Sep 17 00:00:00 2001
From: Richie Cahill <Richie@tmmworkshop.com>
Date: Fri, 29 May 2026 20:26:32 -0400
Subject: [PATCH 3/3] removed --reload

---
 systems/jeeves/services/nornsight.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/systems/jeeves/services/nornsight.nix b/systems/jeeves/services/nornsight.nix
index d363c98..332b367 100644
--- a/systems/jeeves/services/nornsight.nix
+++ b/systems/jeeves/services/nornsight.nix
@@ -101,7 +101,7 @@ in
       print(f"LIBRARY_PATH={os.environ.get('LIBRARY_PATH')}")
       print(f"libpq={ctypes.util.find_library('pq')}")
       PY
-      exec uv run uvicorn pipelines.web.main:app --reload --host 0.0.0.0 --port 8001
+      exec uv run uvicorn pipelines.web.main:app --host 0.0.0.0 --port 8001
     '';
   };
 }
-- 
2.54.0